Comment on page
CrowdSec is a free, open-source and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.
CrowdSec is a free, open-source, and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.
Thibault & Philippe, 2 of CrowdSec founders, used to work in high-security hosting, which was kind of a new field back in the 2010s. They designed a stack of protection that would also block IPs that made violations.
One day, one of their clients, a famous sports-oriented e-commerce shop, was under attack. It was not a real problem since it was protected by a robust stack, but the hacker used more than 3,000 IP addresses to try to aggress the website. At this exact moment came this idea that would be the genesis of CrowdSec.
This was the starting point of a long journey, involving a lot of great minds in designing a lightweight product, Waze-like, that would not only block attacks but also share IPs with all its user community.
“Safer together” was born. The team started to gather around this idea that instead of being isolated sitting ducks, waiting to be picked one by one by the enemy, we could rather organize a sort of Internet neighborhood watch.
- Easy to Set up and Use - CrowdSec is easy to install, deploy and use regardless of your knowledge. You don't need to be a security master to enjoy its full capabilities.
- Replayable - CrowdSec is able to process both live and old logs, which makes it false-positive resilient.
- Observable - CrowdSec is instrumented with Metabase & Prometheus to generate out-of-the-box dashboards and monitor activity across your assets.
- API-Driven - All components communicate via HTTP API, making it easy to cover complex setups.
- Participative - You can share malevolent IP data with your fellow users, have each other's backs and outnumber hackers.
- Open Source - CrowdSec is as open source and free as it can be through an MIT licence. No back doors. No shenanigans.
- Applicative DDoS
- Drive-by download
- Resource abuse
- Credentials Brute-forcing
- PHP-based Armageddon
- Port scans
- Web scans
- Credentials stuffing
- Bot scraping
- Targeted attacks
- Momas for their input and guidance.
- Our Discord community and our Community Leaders DiscDuck and Sycotix for their input and documentation.
Please support the developers and creators involved in this work to help show them some love.
We hope you enjoyed this guide. It was conceptualized by Momas, written, and implemented by our Community Leader Hawks.
Our work sometimes takes months to research and develop. If you want to help support us please consider: